From 8dac8c00cefbef8b30c0351d06e33a918d4e88b8 Mon Sep 17 00:00:00 2001
From: Ralph Dolmans <ralph@nlnetlabs.nl>
Date: Thu, 25 Apr 2019 19:02:17 +0200
Subject: [PATCH]  - Don't attempt an RPZ delete for unsupported actions

---
 services/rpz.c | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/services/rpz.c b/services/rpz.c
index e7c24fe49..b479bed0b 100644
--- a/services/rpz.c
+++ b/services/rpz.c
@@ -292,8 +292,6 @@ rpz_insert_qname_trigger(struct rpz* r, uint8_t* dname, size_t dnamelen,
 		return 0;
 	}
 	if(a == RPZ_LOCAL_DATA_ACTION) {
-		/* insert data. TODO synth wildcard cname target on
-		 * lookup */
 		rrstr = sldns_wire2str_rr(rr, rr_len);
 		/* TODO non region alloc so rrs can be free after IXFR deletion?
 		 * */
@@ -483,11 +481,10 @@ rpz_remove_rr(struct rpz* r, size_t aznamelen, uint8_t* dname,
 		return;
 	}
 	t = rpz_dname_to_trigger(policydname);
-	if(t == RPZ_QNAME_TRIGGER) {
+	if(a != RPZ_INVALID_ACTION && t != RPZ_QNAME_TRIGGER) {
 		z = rpz_find_zone(r, policydname, policydnamelen, rr_class,
 			1 /* only exact */, 1 /* wr lock */);
 		if(!z) {
-			/* TODO, not for SOA, NS, DNSSEC related RR types */
 			verbose(VERB_ALGO, "RPZ: cannot remove RR from IXFR, "
 				"RPZ domain not found");
 			free(policydname);
@@ -501,11 +498,6 @@ rpz_remove_rr(struct rpz* r, size_t aznamelen, uint8_t* dname,
 			local_zones_del_zone(r->local_zones, z);
 		}
 	}
-	else {
-		verbose(VERB_ALGO, "RPZ: skipping unusupported trigger: %s "
-				"while removing RPZ RRs",
-			rpz_trigger_to_string(t));
-	}
 	free(policydname);
 }